diff options
5 files changed, 50 insertions, 15 deletions
diff --git a/scripts/VyattaNatRule.pm b/scripts/VyattaNatRule.pm index 1daa336..e7316c0 100644 --- a/scripts/VyattaNatRule.pm +++ b/scripts/VyattaNatRule.pm @@ -81,8 +81,14 @@ sub setup { $self->{_proto} = $config->returnValue("protocol"); $self->{_exclude} = $config->exists("exclude"); + $self->{_source}->{_net} = undef; $self->{_source}->{_addr} = $config->returnValue("source address"); - $self->{_source}->{_net} = $config->returnValue("source network"); + if (defined($self->{_source}->{_addr}) + && ($self->{_source}->{_addr} =~ /\//)) { + $self->{_source}->{_net} = $self->{_source}->{_addr}; + $self->{_source}->{_addr} = undef; + } + my @tmp = $config->returnValues("source port-number"); $self->{_source}->{_port_num} = [ @tmp ]; @tmp = $config->returnValues("source port-name"); @@ -92,8 +98,14 @@ sub setup { $self->{_source}->{_port_range}->{_stop} = $config->returnValue("source port-range stop"); + $self->{_destination}->{_net} = undef; $self->{_destination}->{_addr} = $config->returnValue("destination address"); - $self->{_destination}->{_net} = $config->returnValue("destination network"); + if (defined($self->{_destination}->{_addr}) + && ($self->{_destination}->{_addr} =~ /\//)) { + $self->{_destination}->{_net} = $self->{_destination}->{_addr}; + $self->{_destination}->{_addr} = undef; + } + @tmp = $config->returnValues("destination port-number"); $self->{_destination}->{_port_num} = [ @tmp ]; @tmp = $config->returnValues("destination port-name"); @@ -145,8 +157,14 @@ sub setupOrig { $self->{_proto} = $config->returnOrigValue("protocol"); $self->{_exclude} = $config->existsOrig("exclude"); + $self->{_source}->{_net} = undef; $self->{_source}->{_addr} = $config->returnOrigValue("source address"); - $self->{_source}->{_net} = $config->returnOrigValue("source network"); + if (defined($self->{_source}->{_addr}) + && ($self->{_source}->{_addr} =~ /\//)) { + $self->{_source}->{_net} = $self->{_source}->{_addr}; + $self->{_source}->{_addr} = undef; + } + my @tmp = $config->returnOrigValues("source port-number"); $self->{_source}->{_port_num} = [ @tmp ]; @tmp = $config->returnOrigValues("source port-name"); @@ -156,10 +174,15 @@ sub setupOrig { $self->{_source}->{_port_range}->{_stop} = $config->returnOrigValue("source port-range stop"); + $self->{_destination}->{_net} = undef; $self->{_destination}->{_addr} = $config->returnOrigValue("destination address"); - $self->{_destination}->{_net} - = $config->returnOrigValue("destination network"); + if (defined($self->{_destination}->{_addr}) + && ($self->{_destination}->{_addr} =~ /\//)) { + $self->{_destination}->{_net} = $self->{_destination}->{_addr}; + $self->{_destination}->{_addr} = undef; + } + @tmp = $config->returnOrigValues("destination port-number"); $self->{_destination}->{_port_num} = [ @tmp ]; @tmp = $config->returnOrigValues("destination port-name"); diff --git a/templates-cfg/service/nat/rule/node.tag/destination/address/node.def b/templates-cfg/service/nat/rule/node.tag/destination/address/node.def index 7244fda..48da82b 100644 --- a/templates-cfg/service/nat/rule/node.tag/destination/address/node.def +++ b/templates-cfg/service/nat/rule/node.tag/destination/address/node.def @@ -1,3 +1,12 @@ type: txt -help: Destination address -syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4_negate '$VAR(@)'" ; "invalid destination address \"$VAR(@)\"" +help: Destination address or subnet +syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl \ + -q ipv4_negate '$VAR(@)' \ + || /opt/vyatta/sbin/vyatta-validate-type.pl \ + -q ipv4net_negate '$VAR(@)'" \ + ; "invalid destination address \"$VAR(@)\"" +comp_help: Possible completions: + <IP address> IP address to match + <IP address>/<prefix length> Subnet to match + !<IP address> Match everything except the specified address + !<IP address>/<prefix length> Match everything except the specified subnet diff --git a/templates-cfg/service/nat/rule/node.tag/destination/network/node.def b/templates-cfg/service/nat/rule/node.tag/destination/network/node.def deleted file mode 100644 index 8a52eec..0000000 --- a/templates-cfg/service/nat/rule/node.tag/destination/network/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: Destination network -syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4net_negate '$VAR(@)'" ; "invalid destination network \"$VAR(@)\"" diff --git a/templates-cfg/service/nat/rule/node.tag/source/address/node.def b/templates-cfg/service/nat/rule/node.tag/source/address/node.def index 6be2e29..a9dda73 100644 --- a/templates-cfg/service/nat/rule/node.tag/source/address/node.def +++ b/templates-cfg/service/nat/rule/node.tag/source/address/node.def @@ -1,3 +1,12 @@ type: txt -help: Source address -syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4_negate '$VAR(@)'" ; "invalid source address \"$VAR(@)\"" +help: Source address or subnet +syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl \ + -q ipv4_negate '$VAR(@)' \ + || /opt/vyatta/sbin/vyatta-validate-type.pl \ + -q ipv4net_negate '$VAR(@)'" \ + ; "invalid source address \"$VAR(@)\"" +comp_help: Possible completions: + <IP address> IP address to match + <IP address>/<prefix length> Subnet to match + !<IP address> Match everything except the specified address + !<IP address>/<prefix length> Match everything except the specified subnet diff --git a/templates-cfg/service/nat/rule/node.tag/source/network/node.def b/templates-cfg/service/nat/rule/node.tag/source/network/node.def deleted file mode 100644 index 2da1647..0000000 --- a/templates-cfg/service/nat/rule/node.tag/source/network/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: Inside network -syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl ipv4net_negate '$VAR(@)'" ; "invalid source network \"$VAR(@)\"" |